Back to CVE Browser

CVE-2000-1025

MEDIUM

5.0

CVSS Severity Score

EPSS Score0.0550%

EPSS Percentile22.98th

PublishedDec 11, 2000

Last ModifiedApr 16, 2026

Vulnerability Description

eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running.

Affected Platforms (CPE)

📦

Unify

Ewave Servletexec

= 3.0c

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=97295224226042&w=2

🔗 http://www.securityfocus.com/bid/1868

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/5435

🔗 http://marc.info/?l=bugtraq&m=97295224226042&w=2

🔗 http://www.securityfocus.com/bid/1868

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/5435

Related Vulnerabilities

CVE-2000-102410.0

eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers t...

CVE-2000-04987.5

Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP e...

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...